3 Principles for Better Usability Risk Management

Usability is important for manufacturers to consider when coming up with life science products. Ultimately, users and patients interact with your product, and those interactions inherently carry levels of varying risk.

This presents a complex challenge to product development teams. While use error cannot be entirely eliminated—because users can and will interact with products in unforeseen and unpredictable ways—teams can do their best to understand, prioritize, and control as much usability risk as is feasible. To improve usability risk management, there are three important principles to consider.

1. Ensure users and other stakeholders are well-defined

Having your users (and other stakeholders who engage with your life science product) well scoped out and understood before starting any usability risk activities is highly beneficial. While iteration is necessary to continue to understand and refine your user/stakeholder profiles over time, having a good sense of their abilities, knowledge, limitations, and needs prior to working through risk management steps benefits the overall process. It’s also vital to establish the use environments in which your users/stakeholders come in contact with your product.

Through whatever risk activities your organization decides to adopt, this supplementary information about users can inform greater levels of usability risk management. Users who have severe diabetes, for example, might be confined to a home use environment; also, their condition might limit their cognitive and physical abilities. Understanding that context when running through a uFMEA or UEA therefore informs the results of those activities, and your teams can assess appropriate controls and mitigations to account for those influencing features.

2. Choose appropriate risk analysis activities

A common usability-related risk activity is the Use Failure Modes Effects and Analysis (uFMEA). With uFMEAs, your risk management teams can walk through the possible failure modes that result from use error and evaluate their severity and probability. These exercises are effective because they help in understanding process breakdowns that occur during contacts between user and product. However, the uFMEA does have limitations that other tools and activities, like Use Error Analysis (UEA), can resolve.

During UEA risk activities, the primary focus is on understanding all the necessary ways users work with your product’s interface and the context in which those interactions occur. The UEA then goes on to determine what hazards, hazardous situations, and potential harms the user is then exposed to when a use error occurs, which can then be scored to determine levels of risk. Conducting preliminary hazard analysis before any usability risk activities can further empower the back-end of UEA activities, as hazards can be identified early-on in relation to user needs.

Both of these activities aid your risk management teams in prioritizing risks, along with helping enact the necessary controls and mitigations to ensure your product is safe and effective. But these are just two examples of the usability risk activities and tools out there for development teams to apply. In seeing the difference between just these two, you can get a sense of the variety of usability risk activities your organization could implement.

3. Link usability risk analyses back to requirements

Linking usability risks (plus their resulting controls and mitigations) to your product requirements has two main benefits:

Understanding relationships between requirements and risks

Evaluating the impact of risk controls on related requirements or those elsewhere on the requirements flow

When you link a usability risk to a requirement, it allows your team to understand how a given requirement corresponds with that risk. Sometimes, the risk compromises the requirement and/or its related product feature. But it could also be the case that the requirement actually results in the hazards, hazardous situations, and harms present in a given usability risk. Seeing these dynamics can empower further recurring risk management work on usability.

Likewise, establishing the requirement/risk relationship allows your team to evaluate the impact of controls and mitigations, both on the related requirement as well as up and down the requirements flow. Whether a risk control compromises a usability feature or another crucial aspect of the product’s system is important information to gather and evaluate. With robust traceability between your requirements and risks—in addition to requirements within and between requirements levels—your team can easily evaluate and understand how risks, risk controls, mitigations, etc. impact your overall product design.

About Nick Schofield

Nick Schofield is a content creator for Cognition Corporation. A graduate of the University of Massachusetts Lowell, he has written for newspapers, the IT industry, and cybersecurity firms. In his spare time, he is writing, hanging out with his girlfriend and his cats, or geeking out over craft beer. He can be reached at nick.schofield@cognition.us.